Assume you are using Spring Boot and you are doing something like this java -Dserver.port=8091 -jar shopApp.jar & to deploy the app, and off course you have Apache configuration to map address example.com to port 8091. Everything is ok but probably you can open the same page by typing example.com or IP:8091, not good. Here I describe how to hide port.
app probably is available under
- http://example.com - IP.IP.IP.IP:8091
check which ports are open
sudo netstat -tlpn ----------------------------------------------------------- Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name ... tcp6 0 0 :::80 :::* LISTEN 368/apache2 ... tcp6 0 0 :::8091 :::* LISTEN 903/java tcp6 0 0 :::8092 :::* LISTEN 934/java
iptables – List the rules
iptables --list
iptables – add new rules
iptables -A INPUT -p tcp -s localhost --dport 8091 -j ACCEPT iptables -A INPUT -p tcp --dport 8091 -j DROP iptables -A INPUT -p tcp -s localhost --dport 8092 -j ACCEPT iptables -A INPUT -p tcp --dport 8092 -j DROP
iptables – remove rules (in case if you will screw something)
iptables -D INPUT -p tcp -s localhost --dport 8091 -j ACCEPT iptables -D INPUT -p tcp --dport 8091 -j DROP iptables -D INPUT -p tcp -s localhost --dport 8092 -j ACCEPT iptables -D INPUT -p tcp --dport 8092 -j DROP
iptables – List the rules
iptables --list
remember, now you apache should use localhost no IP
vim /etc/apache2/sites-enabled/000-default.conf
-----------------------------------------------
<VirtualHost example.com:80>
ServerAdmin me@example.com
ServerName example.com
ServerAlias example.com
ProxyPass / http://localhost:8091/
ProxyPassReverse / http://localhost:8091/
ErrorLog ${APACHE_LOG_DIR}/example.com-error_log
CustomLog ${APACHE_LOG_DIR}/example.com-access_log combined
</VirtualHost>
service apache2 restart
now app is available only under
- http://example.com